package xkp.lesson.springboot_shiro.shiro;

import lombok.extern.slf4j.Slf4j;
import org.apache.shiro.authc.*;
import org.apache.shiro.authz.AuthorizationInfo;
import org.apache.shiro.authz.SimpleAuthorizationInfo;
import org.apache.shiro.realm.AuthorizingRealm;
import org.apache.shiro.subject.PrincipalCollection;
import org.apache.shiro.util.ByteSource;
import org.springframework.beans.factory.annotation.Autowired;
import xkp.lesson.springboot_shiro.entity.Resource;
import xkp.lesson.springboot_shiro.entity.Role;
import xkp.lesson.springboot_shiro.entity.UserInfo;
import xkp.lesson.springboot_shiro.service.ResourceService;
import xkp.lesson.springboot_shiro.service.RoleService;
import xkp.lesson.springboot_shiro.service.UserInfoService;

import java.util.HashSet;
import java.util.List;
import java.util.Set;


/**
 * 认证
 *
 * @author
 */
@Slf4j
public class CustomRealm extends AuthorizingRealm {

    //private final static Logger logger=LoggerFactory.getLogger(OAuth2Realm.class);

    @Autowired
    private UserInfoService userInfoService;
    @Autowired
    private RoleService roleService;
    @Autowired
    private ResourceService resourceService;
    //shiro的权限配置方法
    @Override
    protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principals) {

        log.info("权限配置-->doGetAuthorizationInfo");

        SimpleAuthorizationInfo authorizationInfo = new SimpleAuthorizationInfo();
        log.info("----------------------------->"+principals.getPrimaryPrincipal());
        UserInfo userInfo=(UserInfo) principals.getPrimaryPrincipal();
        List<Role> roles = roleService.selectByUserId(userInfo.getUserId());
        List<Resource> resources = resourceService.selectByUserId(userInfo.getUserId());
        userInfo.setRoleList(roles);
        userInfo.setResourceList(resources);
        Set<String> roleSet = new HashSet<>();
       for(Role role:userInfo.getRoleList()){
            roleSet.add(role.getRoleName());
        }
        authorizationInfo.addRoles(roleSet);

       Set<String> resourceSet = new HashSet<>();
       for(Resource resource:userInfo.getResourceList()){
           resourceSet.add(resource.getResourceName());

        }
        authorizationInfo.addRoles(resourceSet);

        log.info("用户"+userInfo.getUserName()+"具有的角色:"+authorizationInfo.getRoles());
        log.info("用户"+userInfo.getUserName()+"具有的权限："+authorizationInfo.getStringPermissions());

        return authorizationInfo;
    }

    //shiro的身份验证方法
    @Override
    protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken token) throws AuthenticationException {

        log.info("正在验证身份..doGetAuthenticationInfo.");
        SimpleAuthenticationInfo info=null;

        //将token转换成UsernamePasswordToken
        UsernamePasswordToken upToken = (UsernamePasswordToken) token;
        //从转换后的token中获取用户名
        String username= upToken.getUsername();
        log.info("----->"+username);

        //查询数据库，得到用户
        UserInfo userInfo=userInfoService.findByName(username);

        if(userInfo==null){
            return null;
        }

        //得到加密密码的盐值
        ByteSource salt = ByteSource.Util.bytes(userInfo.getSalt());

        info = new SimpleAuthenticationInfo(
                userInfo, //用户名
                userInfo.getUserPwd(), //密码
                salt, //加密的盐值
                getName()  //realm name
        );
        return info;
    }

}